← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Rat Race: ValleyRAT Malware Targets Organizations with New Delivery Techniques
WHITE CyberHunter_NL 2025-02-04 Modified: 2025-03-06
19
IOCs
MEDIUM VOLUME
Morphisec Threat Labs has investigated a series of indicators of attacks leading to a sophisticated, multi-stage malware named ValleyRAT, which is frequently attributed to the Silver Fox APT. A look at some of the key indicators that have been used to test the stability of China's social network, and how they might affect the wider market.. and the way they are used.
compromiseiocsmonitor
Indicators of Compromise (19)
All URL FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain
TYPEINDICATORDESCRIPTIONCREATED
URL https://anizom.com/ 2025-02-04
FileHash-MD5 0b2d06172a753dcf8fbab1fc34ffc8d9 MD5 of 3989f7fa8d1d59ebc6adea90e3958a892b47d94268bf9d5c9c96811f3fb65b00 2025-02-04
FileHash-MD5 cfb539cb3a6cb0409d3bb289ba151c51 MD5 of 6ed466a2a6eeb83d1ff32ba44180352cf0a9ccc72b47e5bd55c1750157c8dc4c 2025-02-04
FileHash-MD5 ed84de62c3753c95a411dd6618c7d2cf MD5 of 311f2d4ef2598e4a193609c3cd47bf4ff5fb88907026946ecffe6b960d43d5b2 2025-02-04
FileHash-SHA1 30ca9b3f67002cbb30a6fcbb63ee7c30e2bf53de SHA1 of 311f2d4ef2598e4a193609c3cd47bf4ff5fb88907026946ecffe6b960d43d5b2 2025-02-04
FileHash-SHA1 5d517b75f981b22dca87d5947502a81994a51eaa SHA1 of 3989f7fa8d1d59ebc6adea90e3958a892b47d94268bf9d5c9c96811f3fb65b00 2025-02-04
FileHash-SHA1 cfe92942da955d37844c81870aa705fcc1122b24 SHA1 of 6ed466a2a6eeb83d1ff32ba44180352cf0a9ccc72b47e5bd55c1750157c8dc4c 2025-02-04
FileHash-SHA256 1db77692eaf4777f69ddf78c52424d81834572f1539ccea263d86a46f28e0cea 2025-02-04
FileHash-SHA256 311f2d4ef2598e4a193609c3cd47bf4ff5fb88907026946ecffe6b960d43d5b2 2025-02-04
FileHash-SHA256 3989f7fa8d1d59ebc6adea90e3958a892b47d94268bf9d5c9c96811f3fb65b00 2025-02-04
FileHash-SHA256 51a9d06359952f6935619e8cf67042d2cec593788c324b72cffc0d34b1762bb0 2025-02-04
FileHash-SHA256 53a6735ce1eca68908c0367152a1f8f3ca62b801788cd104f53d037811284d71 2025-02-04
FileHash-SHA256 6ed466a2a6eeb83d1ff32ba44180352cf0a9ccc72b47e5bd55c1750157c8dc4c 2025-02-04
FileHash-SHA256 7c2a1b09617566ff9e94d0b1c15505213589f7fd3b445b334051d9574e52e0f5 2025-02-04
FileHash-SHA256 a87745682da20ddfd6eac7ff2d27fec73ff56c6e9b4438121dcb6ba699c5cb3c 2025-02-04
FileHash-SHA256 bb89e401560ba763d1c5860dd51667ba17768c04d00270bf34abebac47fd040e 2025-02-04
URL https://karlost.club/ 2025-02-04
domain anizom.com 2025-02-04
domain karlost.club 2025-02-04
References (1)
↗ https://www.morphisec.com/blog/rat-race-valleyrat-malware-china/?utm_content=323764605&utm_medium=social&utm_source=twitter&hss_channel=tw-2965779277